hiox.txt

hiox.txt: Posted May 23, 2006; Authored by Luny; Hiox Guestbook version 3.1 is susceptible to cross site scripting attacks.; tags | advisory, xss; SHA-256 | eae719f87c78f869aed330033b27a9ee6edf9f5041be2a6aeb095d04cafeb17a; Download | Favorite | View

hiox.txt

Hiox Guestbook 3.1

Homepage:
http://hscripts.com/scripts/php/gb.php

Description
A free guest book script that can be added in to any html website with php.

Effected files:

index.php

Exploit:

The input forms for signing the guestbook arent sanatized properally. This could lead users to insert malicious code causing XSS.

It should also be noted that this gb uses a flatfile gb.txt to store its info in, and has to be chmodded to 777. There isn't method of obscuring email addresses in this gb script either.

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

hiox.txt

hiox.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

hiox.txt

Share This

hiox.txt

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems